Dr LM Cheng Director Smart Card Design Center


1 Security and Reliability of Smart Card
Smart HKID Card Forum, Jan 6, 2001, Science Museum
Dr LM Cheng, Director, Smart Card Design Center, Dept. of Electronic Engineering, City University of Hong Kong
Good afternoon chairman, panel members and audiences, my name is Lam Yuk Lung. Today I would like to present my final year project. My project title is development of a flexible chip operating system for smart card.

2 Content
- Background
- General Security Features
- Simple Cryptographic Engine
- Encryption Techniques
- Security Standards & Assessment
- Physical & Electrical Reliability
- Electro-static Discharge

3 Background
- Type of Smart Cards
- Worldwide Market
- New Technologies requirement

4 Types of Smart Card
- Memory Card
- MPU IC card
- Crypto-processor card
- Contactless card

5 Worldwide Smart Cards Market Forecast (Millions of Dollars and Millions of Units) Data From Frost & Sullivan

6 New Technologies Required
- Data Storage Management: information protection
- Authentication process: biometric (fingerprint, facial features, iris identification, dynamic signature recognition, speech recognition)
- Advanced encryption methods: Elliptic Curve Cryptography, chaotic techniques, AES

7 Basic Internal Structure of CPU Smart Card

8 Possible Attacks on Smart Card
- UV or X-ray inspection: use high-efficiency UV or X-ray to inspect the memory areas and extract important information such as the PIN, secret key and public key
- EM analysis: use an electron microscope to inspect the internal structure of the mask

9
- confusion: disturb the power supply/frequency during PIN verification to confuse the accurate entry of the PIN and allow access to the protected memory
- duplication: illegal copying of card content from one card to another

10 tracking: based on the protocol exchange between the terminal and the card to track the sequence of commands

11 Other possible attacks:
- attack on DES, like differential methods
- attack on RSA using cyclic properties

12 General Smart Card Security Features
- Against UV or X-ray inspection: using implementation to avoid visibility of ROM code
- Against EM analysis: address scrambling of memories
- Against confusion: low/high voltage sensors, low/high frequency sensors, high frequency protection

13
- Against duplication: Security PROM Hardware Protected Unique Chip Identification Number Move Code Blocking
- Against Tracking: Secure authentication and data/key encryption
- Against DPA: Random Wait State (Advance), Current Scrambling Generator (Advance)
- Against Cyclic properties: No simple solutions

14 Protection Against Tracking
- Random Number Generator for dynamic key generation
- Cipher Engine for data protection: Block, Stream

15 Random Number Generator
- For generation of session keys
- Digital approach can only generate pseudo-random numbers based on $X_i = (a X_{i-1} + b) \bmod c$
- Others use analogue approaches like VCO, white noise generator, etc.

16 Block Cipher
- K1: Master Key of length 16-bit
- K2: Card ID of length 16-bit
- Process in block and errors propagate within the block
- Block Cipher Method – Write to Memory
- Block Cipher Method – Read from Memory

17 Stream Cipher
- Similar to a state machine with K1K2 as the initial state
- The pseudorandom number sequence generated is XORed with the Input Data to form the Output Data
- The data must be in sequence in order to encode and decode correctly
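The generator of slide 15 and the stream cipher of slide 17, with the 16-bit K1 and K2 of slide 16, can be put together as below. This is an added sketch, not code from the presentation; the LCG constants, the use of the top state byte as keystream, and the sample key, card ID and record are assumptions.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Assumed constants for X_i = (a*X_{i-1} + b) mod c; c = 2^32 via uint32_t wraparound. */
#define LCG_A 1664525u
#define LCG_B 1013904223u
/* Constructed sample values: 16-bit master key K1, 16-bit card ID K2, 16-byte record. */
#define K1 0x3C6Eu
#define K2 0xF35Fu
#define REC_LEN 16
static const uint8_t SAMPLE[] = "CARD-RECORD-0001";

typedef struct { uint32_t x; } stream_t;

/* The state machine starts from K1K2 (K1 in the high 16 bits). */
static void stream_init(stream_t *s, uint16_t k1, uint16_t k2) {
    s->x = ((uint32_t)k1 << 16) | k2;
}

/* Advance one LCG step; the top byte of the new state is the keystream byte. */
static uint8_t stream_next(stream_t *s) {
    s->x = LCG_A * s->x + LCG_B;
    return (uint8_t)(s->x >> 24);
}

/* XOR keystream into buf in place; the same call encodes and decodes. */
static void stream_xor(stream_t *s, uint8_t *buf, size_t n) {
    for (size_t i = 0; i < n; i++) buf[i] ^= stream_next(s);
}

/* Encode the record, then decode its second 8-byte block. With in_order == 0,
   block 1 is skipped and the state is 8 steps behind. Returns 1 if block 2 is restored. */
int decode_block2_ok(int in_order) {
    uint8_t buf[REC_LEN]; stream_t s;
    memcpy(buf, SAMPLE, REC_LEN);
    stream_init(&s, K1, K2);
    stream_xor(&s, buf, REC_LEN);           /* encode all 16 bytes */
    stream_init(&s, K1, K2);                /* reader restarts from K1K2 */
    if (in_order) stream_xor(&s, buf, 8);   /* block 1 advances the state */
    stream_xor(&s, buf + 8, 8);             /* block 2 */
    return memcmp(buf + 8, SAMPLE + 8, 8) == 0;
}

int main(void) {
    printf("in sequence: %d, out of sequence: %d\n", decode_block2_ok(1), decode_block2_ok(0));
    return 0;
}
```

A linear congruential generator is not cryptographically strong, so the sketch shows the mechanism and the sequencing requirement rather than a cipher to deploy.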

18 Encryption Techniques
Encryption modifies data into an irregular form for secure storage and transmission. The reconstruction is achieved by using a set of relevant keys. Two kinds of cryptosystem are currently in use: symmetric (DES/FEAL) and asymmetric (RSA, ECC). A symmetric cryptosystem requires only one common key for encryption and decryption, whereas an asymmetric system requires two keys, i.e. a private/user key and a public/system key.

19 Common Encryption Techniques in Smart Card
Private: Data Exchange
- DES (Data Encryption Standard)
Public: Key Exchange
- RSA (Rivest, Shamir, Adleman)
- ECC (Elliptic Curve Cryptography)
Also for Authentication

20 Is Smart Card Secure?
- There are no perfect (100% secured) systems available
- Systems designed and built for minimal attack risk can be treated as secure systems
- Secure systems are evaluated/classified in different levels using international standards such as TCSEC/DoD (Orange - USA), ITSEC (Europe) and CCITSE (ISO15408)

21 Trusted Computer Security Evaluation Criteria – USA (DoD)
- D: Minimal protection. No protection
- C1: Discretionary Security Protection. Use access control
- C2: Controlled Access Protection. Use accountability/auditing

22
- B1: Labeled Security Protection. Use sensitivity (classification) labels
- B2: Structured Protection. Use formal security policy; more resistant to penetration
- B3: Security domain. Highly resistant to penetration. Use security administrator, auditing events and system recovery process
- A1: Verified protection. Highly assured against penetration. Use formal specification and verification approaches

23 Information Technology Security Evaluation Criteria (ITSEC) and Common Criteria (CC) – Europe & Canada
- EAL1 - functionally tested
- EAL2 - structurally tested
- EAL3 - methodologically tested and checked

24
- EAL4 - methodologically designed, tested and reviewed
- EAL5 - semi-formally designed and tested
- EAL6 - semi-formally verified design and tested
- EAL7 - formally verified design and tested

25 Federal Information Processing Standards (FIPS) - evaluation
- FIPS 46-2 and 81 for DES
- FIPS 186 for Digital Signature
- FIPS for Cryptographic Modules

26 Security evaluation requirements
- Cryptographic modules
- module interface
- role and services
- finite state machine model
- physical security
- Environmental Failure Protection/Testing (EFT/EFP)

27
- Software security
- Operation security
- cryptographic key management
- cryptographic algorithm
- EMI/EMC
- self tests

28 Physical & Electrical Reliability
Test | Standard Reference | Test Methodology | Test Frequency
1 Salt Atmosphere | CECC | 48 h, 35°C, 45%HR, 5% NaCl | Manufacturing product audit
2 Insertion Test | Bull | insertion
3 Data Retention | Semi-conductor Std. | 10 years
4 ESD Protection | MIL STD-883C Mtd. 8 | Class 3: 4 kV | Chip Characterization

29 Electro-static Discharge – Dry/Wet weather comparison

30 ESD – failure in various stages

31 Reliability of Contact Type Smart Card Reader
- Mechanical insertion lifetime: around 1-3 × 10^5 insertions
- For a typical flow of 10^5 crossings per day, each reader will only last for 3 days
- Assuming 30 readers installed at the border, all readers have to be replaced in 90 days
- Whereas the contactless type has MTBF over 115,000 hrs = over 13 years

32 Conclusion
- Smart Card is an evolutionary product
- Trend of use is irreversible
- HKID project can build a framework to make it smart
- More technology breakthroughs are needed to make them really multi-application
- Technology is fact but not miracle

